Identity and Security Design Architecture

DfT is a multi-cloud environment with corporate data and records in MS 365, data centres in GCP and services in AWS. Identity and Access management is primarily in Azure Active Directory. As part of our Identity and Access Management (IDAM) developments and improvements, we are looking for a security and identity architect resource to design our IDAM sync across all environments. This design work will include workshopping, developing and designing the technology, people and process changes needed to improve synchronicity between how identity is managed across the 3 cloud environments. The work has already taken place to understand the as-is underlying architecture and current practices as well as an investigation identifying the corporate and specific business use cases that need to be resolved in identity and access management. This service is to work with in-house architects and engineers to create - A conceptual detailed architectural diagram of how we want identity to managed across the three cloud environments - Identify processes and roles and responsibilities that need to change to support the new approach. - A logical low level design on synchronicity between AAD and MS365 to support the use of power apps, Power BI and Power platform (including use of co-pilot and how data loss prevention is supported). - A logical low level design on synchronicity between AAD and GCP IAM to support role-based access to applications, data and cloud components. - Deliver both low level designs against the requirements for specific business use cases and how the design will resolve use case requirements. - Identify automation and technology solutions that will streamline identity and access management processes to ensure a more secure, efficient approach. - Identity easy-to-implement tactical changes to existing processes to improve management of groups, attributes and role based access